Skip to main content

Aria Operations CVE-2026-22719

HIGH
Command Injection (CWE-77)
2026-02-25 security@vmware.com
8.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.1 HIGH
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
Added to CISA KEV
Mar 04, 2026 - 15:08 cisa
CISA KEV
Patch released
Mar 04, 2026 - 15:08 nvd
Patch available
CVE Published
Feb 25, 2026 - 20:23 nvd
HIGH 8.1

DescriptionCVE.org

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress.

To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001

Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001

AnalysisAI

VMware Aria Operations contains a command injection vulnerability (CVE-2026-22719, CVSS 8.1) that allows unauthenticated remote attackers to execute arbitrary commands during support-assisted product migration. KEV-listed with patches available, this vulnerability targets the infrastructure monitoring platform that has visibility into the entire virtualized environment.

Technical ContextAI

The vulnerability exists in the product migration pathway of Aria Operations (formerly vRealize Operations). During migration procedures, user-controllable input is insufficiently sanitized before being passed to OS command execution. While the migration functionality is not always active, organizations performing upgrades or migrations are particularly exposed. Aria Operations has deep visibility into vSphere environments, including VM configurations, performance data, and infrastructure topology.

RemediationAI

Apply VMware security patch immediately. If migration is in progress, complete or pause it and restrict network access. Ensure migration endpoints are not exposed to untrusted networks. Review Aria Operations audit logs for suspicious activity.

CVE-2026-22720 HIGH
8.0 Feb 25

Stored XSS in VMware Aria Operations allows authenticated users with benchmark creation privileges to inject malicious s

CVE-2024-38831 HIGH
7.8 Nov 26

VMware Aria Operations contains a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnera

CVE-2024-38830 HIGH
7.8 Nov 26

VMware Aria Operations contains a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnera

CVE-2024-22235 MEDIUM
6.7 Feb 21

VMware Aria Operations contains a local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulne

CVE-2023-34043 MEDIUM
6.7 Sep 27

VMware Aria Operations contains a local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulne

CVE-2023-20880 MEDIUM
6.7 May 12

VMware Aria Operations contains a privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerabili

CVE-2024-38832 MEDIUM
6.4 Nov 26

VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.4), this vuln

CVE-2026-22721 MEDIUM
6.2 Feb 25

Privilege escalation in VMware Aria Operations allows authenticated users with vCenter access to escalate their privileg

CVE-2024-38833 MEDIUM
5.4 Nov 26

VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vuln

CVE-2024-38834 MEDIUM
4.8 Nov 26

VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 4.8), this vuln

CVE-2025-41244 HIGH POC
7.8 Sep 29

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.

CVE-2025-22222 HIGH
7.7 Jan 30

VMware Aria Operations contains an information disclosure vulnerability. Rated high severity (CVSS 7.7), this vulnerabil

Share

CVE-2026-22719 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy